inurl:crossdomain filetype:xml intext:allow-access-from

Locates crossdomain.xml files used by flash/flex/silverlight to
determine the cross domain policy of that site's
flash/flex/silverlight apps. An open setting of will allow a weaponized flash application hosted on an
attacker's site to read information from the target site while running
in a victim's browser.